Alireza Gharib Blog

CVE ID : CVE-2024-56045 Published : Dec. 31, 2024, 2:15 p.m. | 1 day, 20 hours ago Description : Path Traversal: ‘…/…//’ vulnerability in VibeThemes WPLMS allows Path Traversal.This issue affects WPLMS: from n/a before 1.9.9.5. Severity: 9.3 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2024-56044 Published : Dec. 31, 2024, 2:15 p.m. | 1 day, 20 hours ago Description : Authentication Bypass Using an Alternate Path or Channel vulnerability in VibeThemes WPLMS allows Authentication Bypass.This issue affects WPLMS: from n/a through 1.9.9. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products,…

CVE ID : CVE-2024-56043 Published : Dec. 31, 2024, 2:15 p.m. | 1 day, 20 hours ago Description : Incorrect Privilege Assignment vulnerability in VibeThemes WPLMS allows Privilege Escalation.This issue affects WPLMS: from n/a through 1.9.9. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2024-56040 Published : Dec. 31, 2024, 2:15 p.m. | 1 day, 20 hours ago Description : Incorrect Privilege Assignment vulnerability in VibeThemes VibeBP allows Privilege Escalation.This issue affects VibeBP: from n/a through 1.9.9.4.1. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2024-56205 Published : Dec. 31, 2024, 1:15 p.m. | 1 day, 21 hours ago Description : Incorrect Privilege Assignment vulnerability in AI Magic allows Privilege Escalation.This issue affects AI Magic: from n/a through 1.0.4. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2024-56071 Published : Dec. 31, 2024, 1:15 p.m. | 1 day, 21 hours ago Description : Incorrect Privilege Assignment vulnerability in Mike Leembruggen Simple Dashboard allows Privilege Escalation.This issue affects Simple Dashboard: from n/a through 2.0. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and…

CVE ID : CVE-2024-56064 Published : Dec. 31, 2024, 1:15 p.m. | 1 day, 21 hours ago Description : Unrestricted Upload of File with Dangerous Type vulnerability in Azzaroco WP SuperBackup allows Upload a Web Shell to a Web Server.This issue affects WP SuperBackup: from n/a through 2.3.3. Severity: 10.0 | CRITICAL Visit the link for more…

CERT-In Alerts WordPress Users to Critical WPForms Plugin Vulnerability As the world welcomed the New Year, cybersecurity experts had little reason to celebrate. On January 1, 2025, the Indian Computer Emergency Response Team (CERT-In) issued a high-severity alert about a … Read more Published Date: Jan 02, 2025 (2 hours, 56 minutes ago) Vulnerabilities has been mentioned…

Critical PAN-OS Vulnerability Added to CISA’s Exploited List: What You Need to Know The Cybersecurity and Infrastructure Security Agency (CISA) has expanded its Known Exploited Vulnerabilities (KEV) Catalog by adding a newly discovered vulnerability in Palo Alto Networks’ PAN-OS vers … Read more Published Date: Jan 02, 2025 (4 hours, 1 minute ago) Vulnerabilities has been mentioned…

PoC Exploit Released for Zero-Click Vulnerability CVE-2024-49112 in Windows SafeBreach Labs revealed a zero-click vulnerability in the Windows Lightweight Directory Access Protocol (LDAP) service, dubbed “LDAP Nightmare”. This critical vulnerability, tracked as CVE-2024-49112 … Read more Published Date: Jan 02, 2025 (8 hours, 26 minutes ago) Vulnerabilities has been mentioned in this article. CVE-2024-12108 CVE-2024-49112